NexaGuard
  1. Compliance-and-Standards
NexaGuard
  • Getting-Started
    • NexaGuard Developer Documentation
    • Quickstart (5 to 10 Minutes)
    • Documentation Overview
    • Concepts and Glossary
  • Compliance-and-Standards
    • Compliance Overview
    • IAB TCF v2.3 Support
    • Google Consent Mode v2 Validation
    • TCF API Validation
    • Audit Checklist (Pre-Launch)
  • Web-and-CMS-Integrations
    • NexaGuard CMP SDK – Web & GTM Setup
    • Integrate NexaGuard CMP with Webflow and Wix
    • Integrate NexaGuard CMP with WordPress
    • Integrate NexaGuard CMP with Drupal
    • Integrate NexaGuard CMP with Shopify
  • Mobile-SDKs
    • NexaGuard CMP SDK - iOS Setup
    • iOS SDK API Reference
    • NexaGuard CMP SDK - Android Setup
    • Android SDK API Reference
    • App Attribution Partner (AAP) Integrations
  • Developer-Reference
    • Web JS API Reference
    • Consent Event Schema
    • Deployment and Environments
    • NexaGuard Debug Tool
    • Troubleshooting Playbook
    • Performance and Best Practices
    • Accessibility and UX Guidelines
    • Localization Workflow
    • Migration Guide
  • Security-and-Privacy
    • Security Overview
    • Privacy Architecture
    • Data and Logging Transparency
    • Subprocessors
    • CSP and Network Allowlist
  • Enterprise-and-Legal
    • DPA and Legal Pack
    • RFP Feature Matrix
    • Status and Reliability
    • Support and Escalation
    • NexaGuard CMP SDK – Commercial Licence
  • Operations
    • Changelog and Version Policy
  1. Compliance-and-Standards

Audit Checklist (Pre-Launch)

Last updated: February 18, 2026
Use this checklist before every production go-live.

1. Banner and UX#

Accept and Reject are both visible and equally accessible.
Banner can be reopened from a persistent link/button.
First and second layer text matches approved legal copy.
Keyboard navigation works for all controls.

2. Consent Mode v2#

default command fires before tag execution.
update command fires after user action.
All four keys are present: ad_storage, analytics_storage, ad_user_data, ad_personalization.

3. TCF v2.3#

__tcfapi is available.
TC string updates when user changes preferences.
Vendor and purpose settings match dashboard policy.

4. Technical Quality#

CMP script loads once only.
CSP and allowlist permit CMP domains.
No console errors during consent flow.
Caching layer does not serve stale CMP config.

5. Evidence Package#

Screenshot of banner first layer and second layer.
Tag Assistant trace.
Browser console output for consent checks.
TCF checks and TC string sample.
Debug export from NexaGuard Debug Tool.

6. Sign-Off#

Engineering sign-off
Privacy/legal sign-off
Release owner sign-off
Support runbook updated
Previous
TCF API Validation
Next
NexaGuard CMP SDK – Web & GTM Setup